W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2020

Re: Adding user@ to HTTP[S] URIs

From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 27 Jan 2020 13:22:16 +0100 (CET)
To: Rick van Rein <rick@openfortress.nl>
cc: James Fuller <jim@webcomposite.com>, Austin Wright <aaa@bzfx.net>, "HTTPbis WG (IETF)" <ietf-http-wg@w3.org>
Message-ID: <alpine.DEB.2.20.2001271319120.18042@tvnag.unkk.fr>
On Mon, 27 Jan 2020, Rick van Rein wrote:

> Please introduce me to any dragons you encounter; this caution alone does 
> not seem cause for action yet.

Maybe not a dragon, but...

$ curl foo@localhost -v
...
> GET / HTTP/1.1
> Host: localhost
> Authorization: Basic Zm9vOg==

... because userinfo in HTTP has only ever been there and used for 
authentication.

(Zm9vOg== is "foo:" base64 encoded)

-- 

  / daniel.haxx.se
Received on Monday, 27 January 2020 12:22:26 UTC

This archive was generated by hypermail 2.4.0 : Monday, 27 January 2020 12:22:27 UTC